Vulnerability Details CVE-2018-17407
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c
- https://lists.debian.org/debian-security-announce/2018/msg00230.html
- https://usn.ubuntu.com/3788-1/
- https://usn.ubuntu.com/3788-2/
- https://www.debian.org/security/2018/dsa-4299
- https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c
- https://lists.debian.org/debian-security-announce/2018/msg00230.html
- https://usn.ubuntu.com/3788-1/
- https://usn.ubuntu.com/3788-2/
- https://www.debian.org/security/2018/dsa-4299
Products affected by CVE-2018-17407
-
cpe:2.3:a:tug:tex_live:-
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:16.04
-
cpe:2.3:o:canonical:ubuntu_linux:18.04
-
cpe:2.3:o:canonical:ubuntu_linux:18.10
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0